<?php
session_start();

if(strtolower($_POST['yzm']) != strtolower($_SESSION['yzm'])){
	echo '<script>alert("验证码错误");window.location.href="login.php"</script>';

}

include_once('function.php');
$config = include_once('config.php');

$_POST['pwd'] = md5($_POST['pwd']);

$where = "where `uname` = '{$_POST['zhanghao']}' and `pwd` = '{$_POST['pwd']}'";
$res = select($config,'user',$where);

if($res){
	echo '<script>alert("登陆成功");window.location.href="index.php"</script>';
	$_SESSION['uname']= $res[0]['uname'];
	$_SESSION['islogin']= 1;
}else{
	echo '<script>alert("登陆失败,账号密码不匹配");window.location.href="login.php"</script>';

}